package com.fz.security.config;

import com.fz.security.filter.BhAuthenticationFilter;
import com.fz.security.provider.MobileCodeAuthenticationProvider;
import com.fz.security.provider.MobilePwdAuthenticationProvider;
import com.fz.security.provider.WeChatAuthenticationProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;


@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    public MobileCodeAuthenticationProvider mobileCodeAuthenticationProvider;

    @Autowired
    public MobilePwdAuthenticationProvider mobilePwdAuthenticationProvider;

    @Autowired
    public WeChatAuthenticationProvider weChatAuthenticationProvider;


    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
                .authenticationProvider(mobileCodeAuthenticationProvider)
                .authenticationProvider(mobilePwdAuthenticationProvider)
                .authenticationProvider(weChatAuthenticationProvider);
    }

    /**
     * @方法描述: 进行过滤不进行Security授权
     * @参数:
     * @返回值:
     * @创建人: I am God
     * @创建时间:: 2021/2/23
     */
    public void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity// 禁用 CSRF
                .csrf().disable()
                // 授权异常
                .exceptionHandling()
                // 防止iframe 造成跨域
                .and()
                .headers()
                .frameOptions()
                .disable()

                // 不创建会话
                .and()
                .sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)

                .and()
                .authorizeRequests()
                // 静态资源等等
                .antMatchers(
                        HttpMethod.GET,
                        "/*.html",
                        "/**/*.html",
                        "/**/*.css",
                        "/**/*.js",
                        "/webSocket/**"
                ).permitAll()
                // swagger 文档
                .antMatchers("/swagger-ui.html").permitAll()
                .antMatchers("/swagger-resources/**").permitAll()
                .antMatchers("/webjars/**").permitAll()
                .antMatchers("/*/api-docs").permitAll()
                .antMatchers("/*/api-docs-ext").permitAll()
                // 文件
                .antMatchers("/avatar/**").permitAll()
                .antMatchers("/file/**").permitAll()
                // 放行OPTIONS请求
                .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
                //放行common接口，只提供不重要数据查询
                .antMatchers("/common/**").permitAll()
                .and().httpBasic();
    }

    /**
     * @方法描述: 走filter
     * @参数:
     * @返回值:
     * @创建人: I am God
     * @创建时间:: 2021/2/24
     */
    @Bean
    public BhAuthenticationFilter bhAuthenticationFilter() {
        BhAuthenticationFilter filter = new BhAuthenticationFilter();
        filter.setAuthenticationManager(authenticationManager);
        return filter;
    }

    /**
     * @方法描述:  在控制台中不展示Security密码
     * @参数:
     * @返回值:
     * @创建人: I am God
     * @创建时间:: 2021/2/23
     */
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }


    /**
     * @方法描述: 密码加密
     * @参数:
     * @返回值:
     * @创建人: I am God
     * @创建时间:: 2021/2/23
     */
    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }
}
